Malpedia Library

Click here to download all references as Bib-File.•

2022-04-28 ⋅ ⋅ Cert-UA ⋅ Cert-UA
Malicious JavaScript-code BrownFlood injected into web-sites used for DDoS attacks (CERT-UA#4553)

2022-04-28 ⋅ Twitter (@vinopaljiri) ⋅ Jiří Vinopal
#ONYX Ransomware is based on #Chaos Ransomware Builderv4
Chaos

2022-04-28 ⋅ Mandiant ⋅ Anders Vejlby, John Wolfram, Nick Simonian, Sarah Hawley, Tyler McLellan
Trello From the Other Side: Tracking APT29 Phishing Campaigns
Cobalt Strike

2022-04-28 ⋅ PWC ⋅ PWC UK
Cyber Threats 2021: A Year in Retrospect (Annex)
Cobalt Strike Conti PlugX RokRAT Inception Framework Red Menshen

2022-04-28 ⋅ vx-underground ⋅ Twitter (@vxunderground)
Tweet on leaked Prynt Stealer source code and similarity to AyncRAT
AsyncRAT Prynt Stealer

2022-04-28 ⋅ Fortinet ⋅ Gergely Revay
An Overview of the Increasing Wiper Malware Threat
AcidRain CaddyWiper DistTrack DoubleZero EternalPetya HermeticWiper IsaacWiper Olympic Destroyer Ordinypt WhisperGate ZeroCleare

2022-04-28 ⋅ Proofpoint ⋅ Kelsey Merriman, Pim Trouerbach
This isn't Optimus Prime's Bumblebee but it's Still Transforming
BumbleBee TA578 TA579

2022-04-28 ⋅ nccgroup ⋅ David Brown, Michael Matthews, Rob Smallridge
LAPSUS$: Recent techniques, tactics and procedures

2022-04-27 ⋅ Secureworks ⋅ Counter Threat Unit ResearchTeam
BRONZE PRESIDENT Targets Russian Speakers with Updated PlugX
DOPLUGS

2022-04-27 ⋅ Kaspersky Labs ⋅ GReAT
APT trends report Q1 2022
Fishing Elephant Storm-0473

2022-04-27 ⋅ Stairwell ⋅ Silas Cutler, Steve Miller
The origin story of APT32 macros: The StrikeSuit Gi
StrikeSuit Gift

2022-04-27 ⋅ Symantec ⋅ Threat Hunter Team
Stonefly: North Korea-linked Spying Operation Continues to Hit High-value Targets
Dtrack VSingle

2022-04-27 ⋅ Trend Micro ⋅ Daniel Lunghi, Jaromír Hořejší
New APT Group Earth Berberoka Targets Gambling Websites With Old and New Malware
HelloBot AsyncRAT Ghost RAT HelloBot PlugX Quasar RAT Earth Berberoka

2022-04-27 ⋅ Trendmicro ⋅ Trendmicro
IOCs for Earth Berberoka - Windows
AsyncRAT Cobalt Strike PlugX Quasar RAT Earth Berberoka

2022-04-27 ⋅ Trendmicro ⋅ Trendmicro
IOCs for Earth Berberoka - Linux
Rekoobe pupy Earth Berberoka

2022-04-27 ⋅ Trendmicro ⋅ Trendmicro
IOCs for Earth Berberoka - MacOS
oRAT Earth Berberoka

2022-04-27 ⋅ Trendmicro ⋅ Trendmicro
IOCs for Earth Berberoka
Earth Berberoka

2022-04-27 ⋅ Trendmicro ⋅ Daniel Lunghi, Jaromír Hořejší
Operation Gambling Puppet
reptile oRAT AsyncRAT Cobalt Strike DCRat Ghost RAT PlugX Quasar RAT Trochilus RAT Earth Berberoka

2022-04-27 ⋅ Sentinel LABS ⋅ James Haughom, Jim Walter, Júlio Dantas
LockBit Ransomware Side-loads Cobalt Strike Beacon with Legitimate VMware Utility
Cobalt Strike LockBit BRONZE STARLIGHT

2022-04-27 ⋅ Bitdefender ⋅ Mihai Neagu
RedLine Stealer Resurfaces in Fresh RIG Exploit Kit Campaign
RedLine Stealer